How does Google prevent its employees from being hacked? By using some hardware anyone can buy: USB Security Key
In 2017, the company began to equip all its 85,000 employees with physical security keys. And since then, no employees have reported any confirmed takeovers of work-related accounts, Google said Monday
The news, first reported by security journalist Brian Krebs, highlights how a physical security key can prevent your online accounts from breaching. Protecting your account with a password is often not enough. Sometimes hackers can guess it or they can use a phishing email to get them to give it up.
However, a security key provides protection that can prevent the best hackers from infiltrating your accounts. This works as follows: Every computer that tries to log in needs both the password and the physical key.
Security experts call this setup a two-factor authentication where you need both the password and some other information account. The largest Internet services, such as Google, Facebook and Twitter, actually offer this security solution and can now use it for free.
The only difference is that these two- Factor authentication is generally used with a password and a special code generated from your smartphone. Trying to hack someone with this security setting is not easy, but it can still be done.
Imagine a hacker with your phone number. He might try to get you to give up the special one-time codes that were generated on your smartphone. Other hackers have managed to crack two-factor authentication by spying on a mobile network and intercepting SMS loaded with special codes.
A physical security key solves this problem by introducing actual hardware into the equation. Password and special codes are all digital, so they are easy to send and replicate. A USB security key is not. To break into your account, a hacker not only has to know your password, but must come in person and steal your security key from you. This probably explains why Google employees were so hard to fish.
If you are in the market for a security key, the most popular manufacturer of them is Yubico, which offers them starting at $ 20. The more expensive models can be used to connect to a smartphone or a USB-C port.
Not every site supports USB security keys, but the biggest ones like Google, Facebook, Dropbox and most recently Twitter. The entire technology industry is also working to introduce new login standards that help make key support widely accepted.
If you have a limited budget, it is still recommended to use two-factor authentication. However, it's a good idea to generate the special codes that you receive instead of text messages through an authenticator app.